Friday, March 25, 2011

Some 63 percent of K-12 schools say they have experienced at least two security breaches in the past year, according to a new study, and their IT administrators are struggling to find the resources they need to keep up with security tasks.

After deleting the 10,000th Viagra offer from your inbox, you might wonder, does anyone actually make money off this crap? Chris Kanich and his colleagues at UC San Diego and the International Computer Science Institute wondered too—so they hijacked a botnet to find out. Kanich’s team intentionally infected eight computers with a middleman virus, software they found in the wild that was relaying instructions between a botmaster computer and the network of computers it had secretly turned into spam-sending zombies. Then they changed the orders, effectively zombifying the botnet for their own research. Instead of sending hapless rubes to the botmaster’s website, spam ads would instead funnel them to a site built by Kanich’s team. It looked like an authentic Internet pharmacy, but instead of taking credit card numbers in return for a bottle of sugar pills (or worse), the site coughed up an error message and counted the clicks. Then the researchers calculated an estimate of how much money the spammer grossed per day: about $7,000.

Here’s the latest hot debate among Fourth Amendment scholars: when magistrate judges issue search warrants on computers, should those warrants limit where in the machine’s directory system the police may look, or for how long they can scan the drive?

Professor Orin Kerr of George Washington Law School says no (PDF). Assistant Professor Paul Ohm of the University of Colorado Law School says yes (PDF).

On 23 March MEPs asked the Commission and the Council about the implications for EU citizens of a US court order obliging Twitter to hand over personal data, messages and communications of users considered to be related to WikiLeaks. What personal data protection rights do EU-based Twitter users have in such cases?

Dutch Liberal Sophie in ’t Veld explained, “The US court argues that once you use Twitter, you no longer have a legitimate expectation of privacy, and that means that EU citizens no longer have any legal protection, because Twitter is US-based”. That is “a problem that must be addressed in the review of the data protection” directive, she said.

By all means, review it, but unless Twitter or another social network is actually a registered business in the EU or advertises to/pitches to EU citizens, how does the EU bring them under their directives? Or will we see court rulings out of the EU that are not enforceable here?

This is another opportunity to mention how much we need to get people together to see how we can better harmonize privacy laws and protections between the EU and US and how much we need to strengthen privacy protections here in the U.S.

I'm sure this is completely unrelated to the story above. It does make me think that Twitter can find twits anywhere... No doubt this will “prove” that the US is behind the technology curve and result in a multi-billion dollar program to catch up.

… Readers over at Broadband Reports are noticing marked differences between AT&T’s measurements and their own. One user found differences of several orders of magnitude. Now, if AT&T (and of course Comcast and others) are unwilling to allow for wiggle room in their GB caps (fees start the byte over 250GB), why should we allow wiggle room in their measurement? After all, we don’t let grocers use poorly (or maliciously) calibrated scales.

Dude! Just because all these new words/terms/abbreviations appear in the OED does not mean it is appropriate to Tweet your research paper.

In an acknowledgment of the internet's overwhelming influence on the triviality we sometimes refer to as "real life," the Oxford English Dictionary doyens have decided to add a few of the web's favorite pronouncements to their lexicon. Among them are the standouts OMG, LOL and FYI, joining their compatriots IMHO and BFF among the proud number of officially sanctioned initialisms (abbreviations contracted to the initials of their words) used in the English language. Shockingly enough, the expression OMG has had its history tracked all the way back to 1917, while LOL used to mean "little old lady" back in the '60s, and FYI first showed up in corporate lingo in 1941. Not only that, but the heart symbol -- not the emoticon, the actual graphic -- has also made it in. Just so long as Beliebers and fanpires are kept out, there's still hope for the future. A tiny, twinkling ember of a hope.

About Me

I live in Centennial, Colorado. (I'm not actually 100 years old, but I hope to be some day.) I'm an independent computer consultant, specializing in solving problems that traditional IT personnel tend to have difficulty with... That includes everything from inventorying hardware & software, to converting systems & data, to training end-users. I particularly enjoy taking on projects that IT has attempted several times before with no success. I also teach at two local universities: everything from Introduction to Microcomputers through Business Continuity and Security Management. My background includes IT Audit, Computer Security, and a variety of unique IT projects.